We are fast approaching the date where NIST has recommended that end entities stop utilizing 1024-bit private keys. OpenSSL, however, currently defaults to creating 1024-bit keypairs. To create a 2048-bit private key and corresponding CSR (which you can send to a certificate authority to obtain your SSL certificate):
openssl req -new -nodes -newkey rsa:2048 -keyout mydomain.key -out mydomain.csr |
This command will make a 2048-bit key, run the interactive prompt to populate the fields of the certificate signing request, and leave the private key unencrypted (-nodes). You can remove -nodes if you wish, but encrypting the private key will require you to type the password every time you start an application (like apache) that uses it.
If you use multiple shells simultaneously (in my case with Terminal.app on OS X) you’ve undoubtedly noticed that the history of the last closed shell clobbers any commands you might have executed in others. This makes it difficult to use reverse-i-search to find commands you recall using. However, with a few modifications to your bash history you can greatly increase its utility.
export HISTCONTROL=erasedups export HISTSIZE=10000 export HISTTIMEFORMAT="%D %T " export HISTIGNORE="&:ls:exit" shopt -s histappend |
Save the above lines to your home directory’s .profile (or .bash_profile) and your shell history will now prevent duplicates, have a maximum of 10,000 items, append a timestamp to all new commands, exclude a list of commands, and append history between shells.
A quick reminder for those who don’t know or have forgotten how to upgrade an Ubuntu server:
sudo apt-get install update-manager-core sudo do-release-upgrade |
Follow the instructions, reboot, and you’re done!
Mac OS X’s EULA only allows for usage of OS X Server within VMware Fusion, but with a (relatively) simple script you can modify the darwin.iso to function with OS X client as a guest.1 This script should hypothetically work with Fusion 2.0 and 3.0 on Leopard and Snow Leopard (as both guest and host). Save the following script to a file.
#!/bin/bash cd "/Library/Application Support/VMware Fusion/isoimages" mkdir original mv darwin.iso tools-key.pub *.sig original perl -n -p -e 's/ServerVersion.plist/SystemVersion.plist/g' < original/darwin.iso > darwin.iso openssl genrsa -out tools-priv.pem 2048 openssl rsa -in tools-priv.pem -pubout -out tools-key.pub openssl dgst -sha1 -sign tools-priv.pem < darwin.iso > darwin.iso.sig for i in *.iso ; do openssl dgst -sha1 -sign tools-priv.pem < $i > $i.sig ; done exit |
Now open Terminal and chmod the script to executable.
chmod 755 /path/to/my/script |
Finally, execute the script with root privileges.
sudo ./path/to/my/script |
This will modify and re-sign the darwin.iso to allow OS X client as a guest. Hat tip to several sources online (which I can no longer remember) that were used to help make this script many moons ago.
I’ve just updated my Ubuntu 9.10 in VMware article with a better process. If you’re looking to install Karmic Koala when it’s released on 10/29 check it out!
I’ve spent quite a bit of time on CDN Tools and Fidgetr in the past few weeks and this has cut back on the time I had planned to use to write blog entries. I’ll try to get a few new articles up soon, but in the mean time here is a status update on some projects you might be interested in…
CDN Tools (v0.9x and higher) is now compatible with WordPress 2.8+ and features a wide variety of reliability upgrades for various installation quirks. I will be testing it shortly with WP 2.9 and expect to have a compatible version out prior to that release. There are also some fun new features in the pipeline that will hopefully see the light of day in the next few weeks.
Regarding Fidgetr; I have decided to port the widget to the new WP 2.8 multi-widget API (which is adapted from the firetree multi-widget class). While doing so I discovered that my previous assumptions about a single Fidgetr widget per WordPress page made porting quite difficult. This necessitated an almost total rewrite of the core (and major modifications to the accompanying themes). At this time I have the new widget mostly working, but there are many cosmetic bugs to resolve with the themes. That said, I’m excited to offer this feature for those who desire it. I have no targeted release date, but Fidgetr 2.0 will require WP 2.8+. Fidgetr 1.3.5 is almost certainly the last 2.7 compatible release.